April 11, 2024

                April 11, 2024

            April 11, 2024

            April 11, 2024

Looks like someone dropped a Linux kernel 0day https://t.co/UYPK9rItOc pic.twitter.com/wGFK4Vw7Fb
— matteyeux (@matteyeux) April 10, 2024

Writeup looks very similar to https://t.co/tXNC0W1SKf

Not sure if it is just a translation, or some modifications were made.
— p0fs@infosec.exchange (@pieceofsummer) April 10, 2024

GDB dashboard: a modular visual interface for GDB (GNU Debugger) in Python - via #gcu https://t.co/aSKr5hU2K9 pic.twitter.com/nPcsZAlGel
— Laurent Cheylus (@lcheylus) April 9, 2024

(CVE-2024-27228)[Critical][316354570]Memory corruption in the MFC media processing core on the Pixel 7 -> RCE.https://t.co/CXGodOhli1@natashenka
— xvonfers (@xvonfers) April 10, 2024

Monocle is a new reverse engineering tool from James Stevenson that combines local LLM with a bridge to Ghidra to implement a natural language search capability that will return candidate functions along with a match score and a high-level synopsis of what the function does:… pic.twitter.com/ScVAUJhNT8
— Pedram Amini (@pedramamini) April 10, 2024

                  GitHub - user1342/Monocle: Tooling backed by an LLM for performing natural language searches against compiled target binaries. Search for encryption logic, password strings, vulnerabilities, etc.
Tooling backed by an LLM for performing natural language searches against compiled target binaries. Search for encryption logic, password strings, vulnerabilities, etc.  - GitHub - user1342/Monocle...            

malware authors now conducting psychological warfare against antivirus engineers pic.twitter.com/uOTFxujkxh
— cts🌸 (@gf_256) April 10, 2024

Huge fan of secure defaults and building guardrails over just playing vulnerability whack-a-mole.@clintgibler has put together an incredibly great list of libraries that help with secure default guardrails organized by language and vulnerability type. pic.twitter.com/oFTqkyj2Jh
— Matt Johansen (@mattjay) April 10, 2024

CISA is making its Malware Next-Gen service -- which previously allowed only government agencies to submit malware for detailed analysis by CISA experts -- accessible to the public. https://t.co/mjiBPHSmEo pic.twitter.com/qaYBbcHrRg
— Eric Geller (@ericgeller) April 10, 2024

And Krebs was first to announce ….https://t.co/rb3x6sgTF9

“There is something potentially huge popping up now. Has to do with a compromise at business intelligence vendor Sisense. I'm hearing this is a supply chain attack affecting many millions of credentials and hundreds of…
— Whiskey (@jmcmurry) April 11, 2024

When I need a tough reservation on short notice

I call and say it’s for my boss

And then my girlfriend is in the background yelling “you’re the worst F- ing assistant, I told you to get it two weeks ago” etc

And then I say to the reservationist “sorry, I’m just under a lot of…
— Morgan Barrett (@MorganBarrettX) April 9, 2024

Analyzing and exploiting vulnerabilities in Empire c2 framework.
Credits @ACEResponderhttps://t.co/ZF4FEtFeoJ#c2 #infosec pic.twitter.com/v1nt3uleaB
— 0xor0ne (@0xor0ne) April 10, 2024

17 yrs of KASLR bypasses was a total waste of time 🫤https://t.co/i2GhsNemwj
— c0m0r1 (@c0m0r1) April 11, 2024

I'm speechless pic.twitter.com/aZSJveYaWM
— c0m0r1 (@c0m0r1) April 11, 2024

Myawaddy town has not yet fallen, said Prime Minister Srettha Thavisin, alongside the 3rd Army.

These comments followed reports from the Rachamanu Special Task Force indicating that the last remaining army camp of the Myanmar junta in Myawaddy had been overrun by revolutionary… pic.twitter.com/PZzU1JI8Y1
— Thai Enquirer (@ThaiEnquirer) April 11, 2024

Don't miss what's next. Subscribe to the grugq's newsletter: